[cap-talk] Virtualizability vs. Synergy
Eric Jacobs
eric at theeric.com
Wed Jul 12 14:46:23 EDT 2006
On Sun, 09 Jul 2006 14:29:15 +0100
David Hopwood <david.nospam.hopwood at blueyonder.co.uk> wrote:
>
> # In each synergy pattern I rely on some other object that I did not get
> # from you to tell me whether I can safely use P. I pass P to it and it
> # replies yes or no.
I don't really understand what the conflict between that and full
virtualizability is. The very definition of full virtualization in a
capability system would be that there are no "other objects" that come
from outside the virtualizing host, I'd think.
In that case the host takes full responsibility for the cases where the
interface contracts are broken, if it does override the synergy checks
(as it may well be sensible to do, for example in a test case, for debug
or experimental purposes.) For the confined object to have some way of
escaping this would compromise those use cases.
More information about the cap-talk
mailing list